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DETAILED ACTION 

1 . This is in response to the communications filed on 8 November 2005. 

2. Claims 1-90 are pending in the application. 

3. Claims 1-90 have been rejected. 

Information Disclosure Statement 

4. The information disclosure statement filed 16 August 2004 fails to comply with 37 CFR 
1.98(a)(2), which requires a legible copy of each cited foreign patent document; each non-patent 
literature publication or that portion which caused it to be listed; and all other information or that 
portion which caused it to be listed. It has been placed in the application file, but the information 
referred to therein has not been considered. 

Claim Rejections - 35 USC §112 
The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

5. Claims 10, 26, 42, 56, 70 and 84 are rejected under 35 U.S.C. 1 12, second paragraph, as being 
indefinite in that it fails to point out what is included or excluded by the claim language. This 



claim is an omnibus type claim. 



Claim Objections 



6. Claim 64 is objected to because of the following informalities: typographical error. There is 
no space between the words "comprises" and "transferring". Appropriate correction is required. 



» 
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Claim Rejections - 35 USC § 102 
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 2 1(2) of such treaty in the English language. 

7. Claims 1-5, 8, 9, 12-14, 17-21, 24, 25, 28-30, 33-37, 40, 41, 44, 45, 48-51, 54, 55, 58, 61-65, 
68, 69, 72-74, 77-79, 82, 83 and 86-88 are rejected under 35 U.S.C. 102(e) as being 
anticipated by Gusler et al U.S. Patent No. 6,938,057 B2. 

As to claim 1, Gusler et al discloses a method for establishing a secure communication 
channel between a client and an application server, the method comprising the steps of: 

(a) obtaining, by a web server, a MIME type document and a ticket 
associated with a client, the MIME type document comprising a client application 
program, the ticket having an identifier and a session key [column 6 line 43 to 
column 7 line 24]; 

(b) receiving, by a web browser, the MIME type document and the ticket 
from the web server [column 7 line 24 to column 8 line 33]; 

(c) invoking, by the web browser, the received client application program 
[column 7 line 24 to column 8 line 33]; 

(d) establishing an application communication channel between the client 
and the application server [column 7 line 24 to column 8 line 33]; 
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(e) transmitting, by the client application program, the identifier from the 
ticket to the application server over the application communication channel 
[column 7 line 24 to column 8 line 33]; 

(f) obtaining, by the application server, a copy of the session key from the 
web server using the identifier [column 7 line 24 to column 8 line 33]; and 

(g) encrypting communications between the client application program 
and the application server over the application communication channel using the 
session key [column 7 line 24 to column 8 line 33]. 

As to claims 2, 18, 35 and 63, Gusler et al discloses that step (a) further consists of 
establishing a secure web communication channel between the web browser and the web server 
[column 6 line 43 to column 7 line 24]. 

As to claims 3, 19, 36, 50 and 64, Gusler et al discloses that step (c) further consists of 
transferring, by the web browser, the ticket to the client application program [column 6 line 43 to 
column 7 line 24]. 

As to claims 4, 20, 34, 49, 62 and 78, Gusler et al discloses that step (g) further comprises 
decrypting communications between the client application program and the application server 
using the session key [column 6 line 43 to column 7 line 24]. 

As to claims 5, 21, 51 and 65, Gusler et al discloses that step (a) further comprises 
receiving, at the web server, a request from the client to have an application program executed on 
the application server and to have output from the application program executing on the 
application server transmitted to the client application program [column 8, lines 34-44]. 
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As to claims 8, 24, 40, 54, 68 and 82, Gusler et al discloses that step (c) further comprises 
installing the client application program for a first time on the client [column 8, lines 34-44]. 

As to claims 9, 25, 41, 55, 69 and 83, Gusler et al discloses that step (a) further comprises 
obtaining a ticket having an application server certificate for the identifier [column 6 line 43 to 
column 7 line 24]. 

As to claims 12, 28, 44, 58, 72 and 86, Gusler et al discloses that step (a) further com- 
prises obtaining a ticket granting access to a previously authorized resource [column 6 line 43 to 
column 7 line 24]. 

As to claims 13, 29, 45, 73 and 87, Gusler et al discloses that step (e) further comprises 
transmitting a password to the application server [column 6 line 43 to column 7 line 24]. 

As to claims 14, 30, 74 and 88, Gusler et al discloses that step (a) further comprises 
obtaining the MIME type document from the application server [column 5, lines 28-57]. 

As to claim 17, Gusler et al discloses a client system for establishing a secure 
communication channel with an application server, the client system comprising: 

a web browser associated with a client [column 6 line 43 to column 7 line 

24]; 

a web server in communication with the web browser over a web 
communication channel, the web server obtaining a MIME type document and a 
ticket associated with the client, the MIME type document comprising a client 
application program, the ticket having an identifier and a session key [column 6 
line 43 to column 7 line 24]; 
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the web browser receiving, from the web server, the ticket and the MIME 
type document, the web browser invoking the received client application program 
[column 6 line 43 to column 7 line 24]; 

an application server, in communication with the client over an application 
communication channel, receiving the identifier from the client application 
program, and the application server, in communication with the web server, 
obtaining a copy of the session key by using the identifier [column 6 line 43 to 
column 7 line 24]; and 

the application server and the client application program encrypting 
communications over the application communication channel using the session 
key [column 6 line 43 to column 7 line 24]. 
As to claim 33, Gusler et al discloses a method for establishing a secure communication 
channel with an application server, the method comprising the steps of: 

(a) receiving a MIME type document and a ticket from the web server, the 
ticket having an identifier and a session key, and the MIME type document 
comprising a client application program [column 6 line 43 to column 7 line 24]; 

(b) invoking the received client application program [column 7 line 24 to 
column 8 line 33]; 

(c) establishing an application communication channel with an application 
server [column 7 line 24 to column 8 line 33]; 

(d) transmitting the identifier from the ticket to the application server over 
the application communication channel to provide the application server with 



Application/Control Number: 10/709,806 Page 7 

Art Unit: 2131 

information for obtaining a copy of the session key [column 7 line 24 to column 8 
line 33]; and 

(e)encrypting communications to the application server over the 
application communication channel using the session key [column 7 line 24 to 
column 8 line 33]. 

As to claim 37, Gusler et al discloses that step (a) further comprises sending, to the web 
server, a request to have an application program executed on the application server and to receive 
output from the application program executing on the application server [column 7 line 24 to 
column 8 line 33], 

As to claim 48, Gusler et al discloses a client system for establishing a secure 
communication channel with a client, the client system comprising: 

a web browser in communication with a web server over a web 
communication channel, the web browser receiving, from the web server, a 
MIME type document and a ticket, the MIME type document comprising a client 
application program, the ticket having an identifier and a session key [column 6 
line 43 to column 7 line 24]; 

a client application program invoked by the web browser [column 7 line 
24 to column 8 line 33]; and 

the client application program establishing an application communication 
channel with the application server, the client application program transmitting 
the identifier over the application communication channel, and the client 
application program encrypting communications to the application server over the 
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application communication channel using the session key [column 7 line 24 to 
column 8 line 33]. 

As to claim 61 , Gusler et al discloses a method for establishing a secure communication 
channel with a client, the method comprising the steps of: 

(a) obtaining, by a web server, a MIME type document and a ticket 
associated with a client, the MIME type document comprising a client application 
program, the ticket having an identifier and a session key [column 6 line 43 to 
column 7 line 24]; 

(b) transmitting, by the web server, the MIME type document and the 
ticket to a web browser over a web communication channel [column 7 line 24 to 
column 8 line 33]; 

(c) invoking, by the web browser, the received client application program 
[column 7 line 24 to column 8 line 33]; 

(d) establishing an application communication channel with the client 
[column 7 line 24 to column 8 line 33]; 

(e) receiving, from the client application program, the identifier from the 
ticket over the application communication channel [column 7 line 24 to column 8 
line 33]; 

(f) obtaining a copy of the session key from the web server using the 
identifier [column 7 line 24 to column 8 line 33]; and 
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(g) encrypting communications to the client application program over the 
application communication channel using the session key [column 7 line 24 to 
column 8 line 33]. 

As to claim 77, Gusler et al discloses a server system for establishing a secure 
communication channel with a client, the server system comprising: 

a ticket service generating a ticket associated with a client, the ticket 
having an identifier and a session key [column 6 line 43 to column 7 line 24]; 

a web server in communication with the ticket service, the web server 
transmitting a MIME type document and the ticket to the client over a web 
communication channel, the MIME type document comprising a client appli- 
cation program [column 7 line 24 to column 8 line 33]; and 

an application server receiving the identifier from the ticket from the 
client, obtaining a copy of the session key from the web server, establishing an 
application communication channel with the client, and encrypting 
communications to the client over the application communication channel using 
the session key [column 7 line 24 to column 8 line 33], 
As to claim 79, Gusler et al discloses that the web server receives a request from the 
client to have an application program executed on the client's behalf and to have output from the 
application program, as it is executing, transmitted to the client [column 7 line 24 to column 8 
line 33]. 
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Claim Rejections - 35 USC §103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

* 

8. Claims 6, 15, 16, 22, 31, 32, 38, 46, 47, 52, 59, 60, 66, 75, 76, 80, 89 and 90 are rejected 
under 35 U.S.C. 103(a) as being unpatentable over Gusler et al U.S. Patent No. 6,938,057 
B2 as applied to claims 1, 17, 33, 48, 61 and 77 above, and further in view of Anderson et al 
U.S. Patent No. 6,108,787. 

As to claims 6, 16, 22, 32, 38, 47, 52, 60, 66, 76, 80 and 90, Gusler et al discloses 
executing, by the application server, the application program identified in the request, and 
transmitting, by the application server, the output of the application program over the application 
communication channel [column 5 line 65 to column 6 line 11]. 

Gusler et al does not teach a remote display protocol. 

Anderson et al teaches a remote display protocol that is the Remote Desktop Protocol 
[column 14, lines 5-11]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Gusler et al so that the output of the application 
program would have been transmitted over an application communication channel via a remote 
display protocol that would have been the Remote Desktop Protocol. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Gusler et al by the teaching of Anderson et al because it 



Application/Control Number: 10/709,806 Page 1 1 

Art Unit: 2131 

allows a user in a more classified network to run an application on an information processing 
means (e.g. workstation in the less classified network while displaying the results of the session 
on the information processing means (e.g. workstation) in the more classified network [column 
14, lines 5-11]. 

As to claims 15, 31, 46, 59, 75 and 89, the Gusler- Anderson combination teaches using 
the Independent Computing Architecture protocol for the remote display protocol [column 5 line 
65 to column 6 line 11]. 

9. Claims 7, 23, 39, 53, 67 and 81 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Gusler et al U.S. Patent No. 6,938,057 B2 as applied to claims 1, 17, 33, 48, 61 and 77 
above, and further in view of Anderson et al U.S. Patent No. 6,108,787. 

As to claims 7, 23, 39, 53, 67 and 81, Gusler et al does not teach obtaining a MIME type 
document having a remote display client for the client application program. 

Anderson et al teaches a remote display protocol that is the Remote Desktop Protocol 
[column 14, lines 5-1 1]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Gusler et al so that a MIME type document would 
have been obtained and would have had a remote display protocol that would have been the 
Remote Desktop Protocol for the client application program. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Gusler et al by the teaching of Anderson et al because it 
allows a user in a more classified network to run an application on an information processing 
means (e.g. workstation in the less classified network while displaying the results of the session 
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on the information processing means (e.g. workstation) in the more classified network [column 
14, lines 5-11]. 

10, Claims 11, 27, 43, 57, 71 and 85 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Gusler et al U.S. Patent No. 6,938,057 B2 as applied to claims 1, 17, 33, 
48, 61 and 77 above, and further in view of He et al U.S. Patent No. 6,088,451. 

As to claim 11, Gusler et al does not teach obtaining a ticket granting access for a single 

use. 

He et al teaches a ticket for single use only [column 29 line 49 to column 30 line 7]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Gusler et al so that the ticket that was granted 
would have been for a single use only. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Gusler et al by the teaching of He et al because this 
relieves a great burden from the system security administrator and inevitably increase the 
effectiveness of the network security mechanisms and the efficiency of network administration 
and management [column 30, lines 4-7]. 
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Conclusion 



11. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Aravind K. Moorthy whose telephone number is 571-272-3793. 
The examiner can normally be reached on Monday-Friday, 8:00-5:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R. Sheikh can be reached on 571-272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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